Easy-peasy WordPress Hacking

Back in2013, a web publishing company, Interconnect/IT, released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as"searchreplacedb2.php", includes built-in WordPress compatibility that makes working with WordPress databases a breeze.

Unfortunately, since the first public version, it did not include any authentication or security measures, which makes infecting WordPress databases equally easy. But the present version,3.1.0, is essentially the same tool and still does not include any security measures(besides a warning). So updating to the latest version doesn’t make it any safer.

During the last few weeks, the Security Services Team from Wordfence has noticed a spike in infections using this script. The hackers use their botnets to look for the script all over a target site. The popularity of this script makes several well-known themes and plugins to use this script. Thus, when you use those themes and plugins, you're a vulnerable WordPress owner.

What to Do If You Have Been Hacked? If you have searchreplacedb2.php unsecured on your WordPress site, then the odds are high that you have probably been hacked. If you have it and your users are being redirected away, then you have definitely been hacked. Head to our order page and let the owl power WordPress Security experts handle it for you.

Related Posts

For your WP Security, be informed about the latest vulnerabilities in WordPress themes: BBE Theme Direct Object Reference reported by Ryan (Dewhurst Security). The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor. immediately upgrade to version 1.53 to fix the vulnerability SummaryArticle NameWP Security:...

Over the last year, cybercriminals increased their use of social engineering, scaling up people-centred threats and attacks that rely on human interaction and dialled down the automated exploits. Founding new ways to exploit “the human factor” — the instincts of curiosity and trust that lead well-intentioned people to click, divulge,...

Highly obvious hacking. Because they can and because they have a message. And the message will be clearly visible on the homepage of your website. Mostly, hackers usually replace only the homepage with their own message. Replacing back the homepage to your old version is not the solution. You need...

For your WordPress protection, be informed about the latest vulnerabilities in WP plugins: WP Statistics SQL injection reported by Sucuri. Exploit allows to create an admin-level user and sign in to your WordPress as an admin. Cross-Site Scripting (XSS) reported by Dewhurst Security. Exploit allows attackers to compromise a WordPress...

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: Redirection Authenticated Local File Inclusion reported by Ryan (Dewhurst Security). ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem. If you are logged in as an administrator on any site...

For your WP Security, be informed about the latest vulnerabilities in WordPress plugins: NextGEN Gallery BYPASS reported by Dewhurst Security. In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. immediately upgrade to version 2.2.50 to fix the vulnerability Category Order and Taxonomy Terms Order A1: Injection...

Social Engineering exploits Human interaction and commerce are increasingly digital, and threat actors are adapting to that reality. They are following shifting trends, usage patterns and popular interests to attack people through social media channels. Many of these attacks rely on social engineering. Others simply take advantage of inclinations for...

Social Engineering Conclusions As the threat landscape continues to evolve, new tools and approaches are emerging regularly. But one thing remains constant: the human factor. More than ever, cybercriminals rely on people to download and install malware or send funds and information on their behalf. And as the shelf lives...

WP Security bulletin - January 2019 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 2 vulnerabilities in a premium WordPress theme identified and reported publicly during. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins - your...

A new kind of attack targets fresh WordPress installations. Attack starts with a scan after the "/wp-admin/setup-config.php" URL. This is the setup URL for any freshly installed WordPress. If the attackers find that URL and it contains a setup page, it indicates that someone has recently installed WordPress on the...

WordPress security is often referred to as “reinforcement" or "hardening”. Makes sense. After all, the process is like adding reinforcements to your existing security, hardening the current capabilities. We created a few fun quizzes, to allow users to test their own WordPress Security skills. All these quizzes can be 100%...

Social engineering approaches further matured in both phishing and malware attacks, with increased geotargeted malware attacks. For all the known WordPress Security issues, these were the most identified types: BANKING TROJANS: This type of malware steals victims bank login credentials, usually by redirecting victims’ browser to a fake version of...

If you look at your analytic reports and see a sudden and constantly dropping trend in your website traffic, then it could be a sign that your WordPress site is hacked. There are some common tell-tale signs that should help you figure out if your WordPress site is compromised. No...

WP Security bulletin - NOVEMBER 2018 At your next scheduled WordPress Maintenance, be advised for your WP Security about the latest 12 vulnerabilities in WordPress plugins identified and reported publicly. As these vulnerabilities are disclosed, when you use one (or more) of these outdated plugins - your risking serious WordPress...